diff -u cacti-0.8.6h/debian/patches/00list cacti-0.8.6h/debian/patches/00list
--- cacti-0.8.6h/debian/patches/00list
+++ cacti-0.8.6h/debian/patches/00list
@@ -7,0 +8 @@
+CVE-2006-6799.dpatch
diff -u cacti-0.8.6h/debian/changelog cacti-0.8.6h/debian/changelog
--- cacti-0.8.6h/debian/changelog
+++ cacti-0.8.6h/debian/changelog
@@ -1,3 +1,15 @@
+cacti (0.8.6h-3ubuntu0.1) edgy-security; urgency=low
+
+ * SECURITY UPDATE: SQL injection
+ * CVE-2006-6799.dpatch: Fix SQL injection vulnerability in Cacti when
+ register_argc_argv is enabled. Patch taken from upstream.
+ (Closes LP#78453)
+ * References
+ CVE-2006-6799
+ http://www.cacti.net/download_patches.php?version=0.8.6h
+
+ -- Martin Jürgens Sun, 28 Jan 2007 00:10:31 +0100
+
 cacti (0.8.6h-3) unstable; urgency=low
 * official patch from upstream to fix database corruption and display some
diff -u cacti-0.8.6h/debian/po/templates.pot cacti-0.8.6h/debian/po/templates.pot
--- cacti-0.8.6h/debian/po/templates.pot
+++ cacti-0.8.6h/debian/po/templates.pot
@@ -8,7 +8,7 @@
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: seanius@debian.org\n"
-"POT-Creation-Date: 2005-12-01 16:11+0100\n"
+"POT-Creation-Date: 2007-01-28 00:16+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME \n"
 "Language-Team: LANGUAGE \n"
@@ -19,23 +19,23 @@ #. Type: select #. Choices -#: ../cacti.templates:3 +#: ../cacti.templates:1001 msgid "Apache, Apache-SSL, Apache2, All, None" msgstr "" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Webserver type" msgstr "" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Which kind of web server should be used by cacti?" msgstr "" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Select \"None\" if you would like to configure your webserver by hand." msgstr "" diff -u cacti-0.8.6h/debian/po/pt.po cacti-0.8.6h/debian/po/pt.po --- cacti-0.8.6h/debian/po/pt.po +++ cacti-0.8.6h/debian/po/pt.po @@ -7,7 +7,7 @@ msgstr "" "Project-Id-Version: cacti 0.8.6g-2\n" "Report-Msgid-Bugs-To: seanius@debian.org\n" -"POT-Creation-Date: 2005-12-01 16:11+0100\n" +"POT-Creation-Date: 2007-01-28 00:16+0100\n" "PO-Revision-Date: 2005-11-01 12:08+0100\n" "Last-Translator: Luís Ferreira \n" "Language-Team: Portuguese \n" @@ -17,25 +17,25 @@ #. Type: select #. Choices -#: ../cacti.templates:3 +#: ../cacti.templates:1001 msgid "Apache, Apache-SSL, Apache2, All, None" msgstr "Apache, Apache-SSL, Apache2, Todos, Nenhum" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Webserver type" msgstr "Tipo de servidor web" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Which kind of web server should be used by cacti?" msgstr "Que tipo de servidor web deve o cacti usar?" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Select \"None\" if you would like to configure your webserver by hand." msgstr "Selecione \"Nenhum\" se desejar configurar o seu servidor web á mão." diff -u cacti-0.8.6h/debian/po/cs.po cacti-0.8.6h/debian/po/cs.po --- cacti-0.8.6h/debian/po/cs.po +++ cacti-0.8.6h/debian/po/cs.po 
@@ -15,7 +15,7 @@ msgstr "" "Project-Id-Version: cacti 0.8.6f-1\n" "Report-Msgid-Bugs-To: seanius@debian.org\n" -"POT-Creation-Date: 2005-12-01 16:11+0100\n" +"POT-Creation-Date: 2007-01-28 00:16+0100\n" "PO-Revision-Date: 2005-07-06 16:30+0200\n" "Last-Translator: Miroslav Kure \n" "Language-Team: Czech \n" @@ -25,25 +25,25 @@ #. Type: select #. Choices -#: ../cacti.templates:3 +#: ../cacti.templates:1001 msgid "Apache, Apache-SSL, Apache2, All, None" msgstr "Apache, Apache-SSL, Apache2, Všechny, Žádný" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Webserver type" msgstr "Typ webového serveru" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Which kind of web server should be used by cacti?" msgstr "Jaký typ webového serveru použít pro cacti?" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Select \"None\" if you would like to configure your webserver by hand." msgstr "Pokud chcete nastavit webový server ručně, vyberte \"Žádný\"." diff -u cacti-0.8.6h/debian/po/pt_BR.po cacti-0.8.6h/debian/po/pt_BR.po --- cacti-0.8.6h/debian/po/pt_BR.po +++ cacti-0.8.6h/debian/po/pt_BR.po @@ -15,7 +15,7 @@ msgstr "" "Project-Id-Version: cacti\n" "Report-Msgid-Bugs-To: seanius@debian.org\n" -"POT-Creation-Date: 2005-12-01 16:11+0100\n" +"POT-Creation-Date: 2007-01-28 00:16+0100\n" "PO-Revision-Date: 2005-03-25 21:33-0300\n" "Last-Translator: Tiago Bortoletto Vaz \n" "Language-Team: Debian-BR Project\n" 
@@ -25,26 +25,26 @@ #. Type: select #. Choices -#: ../cacti.templates:3 +#: ../cacti.templates:1001 #, fuzzy msgid "Apache, Apache-SSL, Apache2, All, None" msgstr "Apache, Apache-SSL, Apache2, Todos" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Webserver type" msgstr "Tipo do servidor WEB" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Which kind of web server should be used by cacti?" msgstr "Que tipo de base de dados deve ser usada pelo cacti ?" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Select \"None\" if you would like to configure your webserver by hand." msgstr "" "Selecione \"None\" caso voc queira configurar seu servidor WEB manualmente." diff -u cacti-0.8.6h/debian/po/fr.po cacti-0.8.6h/debian/po/fr.po --- cacti-0.8.6h/debian/po/fr.po +++ cacti-0.8.6h/debian/po/fr.po @@ -17,7 +17,7 @@ msgstr "" "Project-Id-Version: cacti 0.6.8a-13\n" "Report-Msgid-Bugs-To: seanius@debian.org\n" -"POT-Creation-Date: 2005-12-01 16:11+0100\n" +"POT-Creation-Date: 2007-01-28 00:16+0100\n" "PO-Revision-Date: 2005-03-07 08:06+0100\n" "Last-Translator: Christian Perrier \n" "Language-Team: French \n" 
@@ -29,25 +29,25 @@ #. Type: select #. Choices -#: ../cacti.templates:3 +#: ../cacti.templates:1001 msgid "Apache, Apache-SSL, Apache2, All, None" msgstr "Apache, Apache-SSL, Apache2, Tous, Aucun" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Webserver type" msgstr "Type de serveur web:" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Which kind of web server should be used by cacti?" msgstr "Veuillez choisir le type de serveur web qu'utilisera Cacti." #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Select \"None\" if you would like to configure your webserver by hand." msgstr "" "Choisissez Aucun si vous prfrez configurer vous-mme votre serveur web." diff -u cacti-0.8.6h/debian/po/es.po cacti-0.8.6h/debian/po/es.po --- cacti-0.8.6h/debian/po/es.po +++ cacti-0.8.6h/debian/po/es.po @@ -27,7 +27,7 @@ msgstr "" "Project-Id-Version: cacti\n" "Report-Msgid-Bugs-To: seanius@debian.org\n" -"POT-Creation-Date: 2005-12-01 16:11+0100\n" +"POT-Creation-Date: 2007-01-28 00:16+0100\n" "PO-Revision-Date: 2005-08-29 18:36+0100\n" "Last-Translator: César Gómez Martín \n" "Language-Team: Debian l10n spanish \n" 
@@ -40,25 +40,25 @@ #. Type: select #. Choices -#: ../cacti.templates:3 +#: ../cacti.templates:1001 msgid "Apache, Apache-SSL, Apache2, All, None" msgstr "Apache, Apache-SSL, Apache2, Todos, Ninguno" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Webserver type" msgstr "Tipo de servidor web" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Which kind of web server should be used by cacti?" msgstr "¿Qué tipo de servidor web quiere usar con cacti?" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Select \"None\" if you would like to configure your webserver by hand." msgstr "Seleccione «Ninguno» si quiere configurar su servidor web manualmente." diff -u cacti-0.8.6h/debian/po/de.po cacti-0.8.6h/debian/po/de.po --- cacti-0.8.6h/debian/po/de.po +++ cacti-0.8.6h/debian/po/de.po @@ -11,7 +11,7 @@ msgstr "" "Project-Id-Version: cacti 0.8.6g\n" "Report-Msgid-Bugs-To: seanius@debian.org\n" -"POT-Creation-Date: 2005-12-01 16:11+0100\n" +"POT-Creation-Date: 2007-01-28 00:16+0100\n" "PO-Revision-Date: 2005-12-29 14:02+0100\n" "Last-Translator: Mathias Klein \n" "Language-Team: Deutsch \n" 
@@ -21,25 +21,25 @@ #. Type: select #. Choices -#: ../cacti.templates:3 +#: ../cacti.templates:1001 msgid "Apache, Apache-SSL, Apache2, All, None" msgstr "Apache, Apache-SSL, Apache2, alle, keiner" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Webserver type" msgstr "Webserver" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Which kind of web server should be used by cacti?" msgstr "Welche Art von Webserver soll von Cacti verwendet werden?" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Select \"None\" if you would like to configure your webserver by hand." msgstr "" "Wählen Sie »keiner«, wenn Sie den Webserver von Hand konfigurieren wollen." diff -u cacti-0.8.6h/debian/po/sv.po cacti-0.8.6h/debian/po/sv.po --- cacti-0.8.6h/debian/po/sv.po +++ cacti-0.8.6h/debian/po/sv.po @@ -15,7 +15,7 @@ msgstr "" "Project-Id-Version: cacti 0.8.6g-1\n" "Report-Msgid-Bugs-To: seanius@debian.org\n" -"POT-Creation-Date: 2005-12-01 16:11+0100\n" +"POT-Creation-Date: 2007-01-28 00:16+0100\n" "PO-Revision-Date: 2005-11-12 00:07+0100\n" "Last-Translator: Daniel Nylander \n" "Language-Team: Swedish \n" 
@@ -27,25 +27,25 @@ #. Type: select #. Choices -#: ../cacti.templates:3 +#: ../cacti.templates:1001 msgid "Apache, Apache-SSL, Apache2, All, None" msgstr "Apache, Apache-SSL, Apache2, Alla, Ingen" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Webserver type" msgstr "Webbserver-typ" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Which kind of web server should be used by cacti?" msgstr "Vilken typ av webbserver ska användas för cacti?" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Select \"None\" if you would like to configure your webserver by hand." msgstr "Välj \"Ingen\" om du vill konfigurera din webbserver på egen hand." diff -u cacti-0.8.6h/debian/po/nl.po cacti-0.8.6h/debian/po/nl.po --- cacti-0.8.6h/debian/po/nl.po +++ cacti-0.8.6h/debian/po/nl.po @@ -15,7 +15,7 @@ msgstr "" "Project-Id-Version: cacti 0.8.4-2\n" "Report-Msgid-Bugs-To: seanius@debian.org\n" -"POT-Creation-Date: 2005-12-01 16:11+0100\n" +"POT-Creation-Date: 2007-01-28 00:16+0100\n" "PO-Revision-Date: 2004-09-09 11:57+0100\n" "Last-Translator: Luk Claes \n" "Language-Team: Debian l10n Dutch \n" 
@@ -25,25 +25,25 @@ #. Type: select #. Choices -#: ../cacti.templates:3 +#: ../cacti.templates:1001 msgid "Apache, Apache-SSL, Apache2, All, None" msgstr "Apache, Apache-SSL, Apache2, Allemaal, Geen" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Webserver type" msgstr "Type webserver" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Which kind of web server should be used by cacti?" msgstr "Welk soort webserver moet door cacti worden gebruikt?" #. Type: select #. Description -#: ../cacti.templates:5 +#: ../cacti.templates:1002 msgid "Select \"None\" if you would like to configure your webserver by hand." msgstr "Selecteer \"Geen\" als u uw webserver handmatig wilt configureren." diff -u cacti-0.8.6h/debian/po/vi.po cacti-0.8.6h/debian/po/vi.po --- cacti-0.8.6h/debian/po/vi.po +++ cacti-0.8.6h/debian/po/vi.po @@ -6,7 +6,7 @@ msgstr "" "Project-Id-Version: cacti 0.8.6d-1\n" "Report-Msgid-Bugs-To: seanius@debian.org\n" -"POT-Creation-Date: 2005-12-01 16:11+0100\n" +"POT-Creation-Date: 2007-01-28 00:16+0100\n" "PO-Revision-Date: 2005-06-12 20:42+0930\n" "Last-Translator: Clytie Siddall \n" "Language-Team: Vietnamese \n" 
@@ -17,25 +17,25 @@
 #. Type: select
 #. Choices
-#: ../cacti.templates:3
+#: ../cacti.templates:1001
 msgid "Apache, Apache-SSL, Apache2, All, None"
 msgstr "Apache, Apache-SSL, Apache2, Tất cả, Không có"
 #. Type: select
 #. Description
-#: ../cacti.templates:5
+#: ../cacti.templates:1002
 msgid "Webserver type"
 msgstr "Loại trình phục vụ Mạng"
 #. Type: select
 #. Description
-#: ../cacti.templates:5
+#: ../cacti.templates:1002
 msgid "Which kind of web server should be used by cacti?"
 msgstr "Trình cacti sẽ dùng trình phục vụ Mạng loại nào?"
 #. Type: select
 #. Description
-#: ../cacti.templates:5
+#: ../cacti.templates:1002
 msgid "Select \"None\" if you would like to configure your webserver by hand."
 msgstr "Hãy chọn «Không có» nếu bạn muốn tự cấu hình trình phục vụ Mạng."
only in patch2: unchanged:
--- cacti-0.8.6h.orig/debian/patches/CVE-2006-6799.dpatch
+++ cacti-0.8.6h/debian/patches/CVE-2006-6799.dpatch
@@ -0,0 +1,286 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## CVE-2006-6799.dpatch by
+##
+## DP: Fix SQL injection vulnerability
+
+@DPATCH@
+diff -urNad cacti-0.8.6h~/cmd.php cacti-0.8.6h/cmd.php
+--- cacti-0.8.6h~/cmd.php 2006-01-04 04:08:30.000000000 +0100
++++ cacti-0.8.6h/cmd.php 2007-01-28 00:04:07.000000000 +0100
+@@ -26,7 +26,7 @@
+ */
+
+ /* do NOT run this script through a web browser */
+-if (!isset($_SERVER["argv"][0])) {
++if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD']) || isset($_SERVER['REMOTE_ADDR'])) {
+ die("
This script is only meant to run at the command line.");
+ }
+
+@@ -71,6 +71,10 @@
+ $print_data_to_stdout = false;
+ if ($_SERVER["argc"] == "3") {
+ if ($_SERVER["argv"][1] <= $_SERVER["argv"][2]) {
++ /* address potential exploits */
++ input_validate_input_number($_SERVER["argv"][1]);
++ input_validate_input_number($_SERVER["argv"][2]);
++
+ $hosts = db_fetch_assoc("select * from host where (disabled = '' and " .
+ "id >= " .
+ $_SERVER["argv"][1] .
+diff -urNad cacti-0.8.6h~/copy_cacti_user.php cacti-0.8.6h/copy_cacti_user.php
+--- cacti-0.8.6h~/copy_cacti_user.php 2006-01-04 04:08:30.000000000 +0100
++++ cacti-0.8.6h/copy_cacti_user.php 2007-01-28 00:04:07.000000000 +0100
+@@ -25,9 +25,10 @@
+ */
+
+ /* do NOT run this script through a web browser */
+-if (! isset($_SERVER["argv"][0])) {
+- die("This script is only meant to run at the command line.\n");
++if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD']) || isset($_SERVER['REMOTE_ADDR'])) {
++ die("
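Review bot: In the cmd.php `@@ -71,6 +71,10 @@` hunk the two added `input_validate_input_number()` calls discard their return value, so the query that concatenates `$_SERVER["argv"][1]` into SQL a few lines below stays safe only if that helper aborts the script on a non-numeric value rather than reporting a status; nothing in this hunk shows that contract, and a comment such as `/* input_validate_input_number() must terminate on a non-numeric value: argv is concatenated into SQL below */` would make the dependency explicit for the next maintainer. The calls also sit after the `if ($_SERVER["argv"][1] <= $_SERVER["argv"][2])` comparison has already consumed the unvalidated values; hoisting both calls above that `if` would validate before first use and would cover any sibling branch of the comparison that this hunk does not show. The enclosing `if ($_SERVER["argc"] == "3")` block and the rest of the `db_fetch_assoc()` query continue outside the hunk, and the outer `@@ -0,0 +1,286 @@` dpatch hunk runs past the end of the page.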
This script is only meant to run at the command line."); + } ++ + if (empty($_SERVER["argv"][2])) { + die("\nSyntax:\n php copy_cacti_user.php